freebsd-nq/sys/security/audit
Christian S.J. Peron 06399e90bc Mark the audit system calls as being un-implemented in jails. Currently we do
not trust jails enough to execute audit related system calls. An example of
this is with su(1), or login(1) within prisons. So, if the syscall request
comes from a jail return ENOSYS. This will cause these utilities to operate
as if audit is not present in the kernel.

Looking forward, this problem will be remedied by allowing non privileged
users to maintain and their own audit streams, but the details on exactly how
this will be implemented needs to be worked out.

This change should fix situations when options AUDIT has been compiled into
the kernel, and utilities like su(1), or login(1) fail due to audit system
call failures within jails.

This is a RELENG_6 candidate.

Reported by:	Christian Brueffer
Discussed with:	rwatson
MFC after:	3 days
2006-10-10 15:49:10 +00:00
..
audit_arg.c Audit the argv and env vectors passed in on exec: 2006-09-01 11:45:40 +00:00
audit_bsm_klib.c Introduce support for per-audit pipe preselection independent from the 2006-06-05 14:48:17 +00:00
audit_bsm_token.c Add missing white space in au_to_exec_{args,env}(). 2006-09-20 13:14:47 +00:00
audit_bsm.c Add BSM conversion switch entries for a number of system calls, many 2006-10-03 20:43:48 +00:00
audit_ioctl.h Allow the user process to query the kernel's notion of a maximum 2006-08-26 17:59:31 +00:00
audit_pipe.c Allow the user process to query the kernel's notion of a maximum 2006-08-26 17:59:31 +00:00
audit_private.h Correct a slight regression which was introduced with the implementation of 2006-09-17 17:52:57 +00:00
audit_syscalls.c Mark the audit system calls as being un-implemented in jails. Currently we do 2006-10-10 15:49:10 +00:00
audit_trigger.c Prefer C to C++ comments per style(9). 2006-06-08 21:55:39 +00:00
audit_worker.c Rework the way errors are handled with respect to how audit records are 2006-09-24 13:35:58 +00:00
audit.c Trim some no longer XXX comments. 2006-10-02 11:32:23 +00:00
audit.h White space cleanup, no functional change. 2006-09-04 06:06:23 +00:00